sslmode=verify-full
when connecting and configure your Postgres connection to read your public certificate bundle.sslmode=require
.sslmode
in available in the Postgres documentation.
psql
will automatically use SSL to connect to Hydra Postgres.
sslrootcert=system
to the end of your connection string, as follows:
~/.pg_service.conf
.
psql service=hydra dbname=postgres
to connect to the postgres
database.
psql
will try to validate certificates when connecting to any Postgres database. This will cause connections to some other Postgres databases to return an error, even if you set sslmode
.
You can instruct psql
to always read your public certificate bundle my symlinking ~/.postgresql/root.crt
to your public root cert bundle:
libpq
behind the scenes. You can configure libpq
to read your cert bundle using the PGSSLROOTCERT
environment variable. For example, add this environment variable to your application’s environment: